cddtsecure.com/?a=43588&c=318080&co=91932&mt=18&s2=WgLmzFzaFpFtSvyfxspeGA
63.34.237.166302 Found 243 B URL HTTP/1.1 cddtsecure.com/?a=43588&c=318080&co=91932&mt=18&s2=WgLmzFzaFpFtSvyfxspeGA
IP 63.34.237.166:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash ccb653a01d0450f9a0a0485c0a9afde6
b6a7c1e7b7ca8c35977caf031addd0431c93aded
d0d5e17bd6b43d31aeafe9d6fa9db1eaa444a3f614402bf9c17409019234572a
GET /?a=43588&c=318080&co=91932&mt=18&s2=WgLmzFzaFpFtSvyfxspeGA HTTP/1.1
Host: cddtsecure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sun, 05 Feb 2023 00:56:57 GMT
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Set-Cookie: gdm_sid_v1_3_001=gTT3i7nU01La4YTXXKgrIuj8s8ZabazB1WOMlbXtm4KSox3rQkb50wKSa+yoZ89NlXeopY7BCGmGYjI++fq02I4K+T8MCVWqGppBSWdVa+BzvmmfiE625NeQIzGnEq2Ynv7ciDaPhaobw3u5r7RM4PsUiNfQGHqJys383SXh3lzYWs/PInPDBuqYqtb2udBigtflgN2MCnO3XX2g2ynI8iLxbelD5GPjeEX8YyKLCSqjVudasrAq0QOoWtonPT/cnWSf4sAsTDRYZqygz5AhjhEaTAOKNTMOkLmows4tKCxjbzfNQFLYvZ5C96kg9bTbQAbdZJyuISid+WWjBKM7eQWD+JaEdftSPEPuQBLMaoweQdB4UDXTtqTHuzXfVwrLez0ioote4VLRZGRYiqwikV/9zlNjXH1zTD3wJS5XRtZfUAhdcLHN99blzLEuyXuLYnVp7LnTvJzolyz8v/P+DagqEzM3G8vhP0z125Gz0sAkD6qnoyxQxGKrDfbnqcAG2vtLPfJyNyVJDBAGHnFHahjL2feWO992FNkeVNfXpobnresz5iXwHErFXqiQeBKnUt2B66D/V0lmp0uNCFaGshtwwNPCrIqfdxNfvCCQOedLzkQKEpA+EVQJ34bAkRccGcS99BeyCh9IrpUbgZhkLbkFq0tVbrmD+PPvXS9N3I7LUjo0Pb9uoP2QyJldiDPUNXSRkfnhsyPsUVyLTj7jWizXEfbUBj7cDdXrDloYYz9PFjb3t+6p4VCTN7O9Ui7FTd/7kWNvvirzldyo+jY4ZcBniHFFzPkXUpRk4PFQIznKoHztN3L69x71MX4FBMVGwNrbgUqNFYu0zDk0cQkr9szBM2K4W/DXvW2mqO0cwocB9M8y2dy0manf+EPsa/rA6saI79f7mLxbnthnrRy9UanS2OmGBrgxtzT/SOsewPR3/iRcAH/lmSRJXgGqFX6dqctpHDiOMrFsKt47xL67kYfy4rw3OoyLEG95wxnG/iqlUmLfPqLOoTBid03LrrpXhKfSiISY9eq7tO6Baxg1kQ==; Domain=.cddtsecure.com; Expires=Sat, 06-May-2023 00:56:57 GMT; Path=/
gdm_click_adv_freq_v2_1_001=B6XtSNf0/Fok3GcB4BTdMjNWXhOSLxIkWCD31OrLWDJFZV/IkCGxlja7MNn8BXuC; Domain=.cddtsecure.com; Expires=Sat, 06-May-2023 00:56:56 GMT; Path=/; Secure; SameSite=None
gdm_suid_v1_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.cddtsecure.com; Expires=Sat, 06-May-2023 00:56:56 GMT; Path=/
gdm_uid_v1_1_001=PM9wXrqwu3atKkYArOAgr8EdHelJ6w1g53cIUrbcHABK6POz0PhLmjQ0I9DVmT7Z; Domain=.cddtsecure.com; Expires=Sat, 06-May-2023 00:56:56 GMT; Path=/
gdm_click_freq_v2_1_001=bfK8z5UDo04kDjzc8YCbxnPWkbKaxWTy2b+Id8SLydxzFNjP3Hzlk8kpfHqhhdix; Domain=.cddtsecure.com; Expires=Sat, 06-May-2023 00:56:56 GMT; Path=/; Secure; SameSite=None
gdm_uid_v2_1_001=PM9wXrqwu3atKkYArOAgr8EdHelJ6w1g53cIUrbcHABK6POz0PhLmjQ0I9DVmT7Z; Domain=.cddtsecure.com; Expires=Sat, 06-May-2023 00:56:56 GMT; Path=/; Secure; SameSite=None
gdm_click_freq_v1_1_001=bfK8z5UDo04kDjzc8YCbxnPWkbKaxWTy2b+Id8SLydxzFNjP3Hzlk8kpfHqhhdix; Domain=.cddtsecure.com; Expires=Sat, 06-May-2023 00:56:56 GMT; Path=/
gdm_click_adv_freq_v1_1_001=B6XtSNf0/Fok3GcB4BTdMjNWXhOSLxIkWCD31OrLWDJFZV/IkCGxlja7MNn8BXuC; Domain=.cddtsecure.com; Expires=Sat, 06-May-2023 00:56:56 GMT; Path=/
gdm_sid_v2_3_001=gTT3i7nU01La4YTXXKgrIuj8s8ZabazB1WOMlbXtm4KSox3rQkb50wKSa+yoZ89NlXeopY7BCGmGYjI++fq02I4K+T8MCVWqGppBSWdVa+BzvmmfiE625NeQIzGnEq2Ynv7ciDaPhaobw3u5r7RM4PsUiNfQGHqJys383SXh3lzYWs/PInPDBuqYqtb2udBigtflgN2MCnO3XX2g2ynI8iLxbelD5GPjeEX8YyKLCSqjVudasrAq0QOoWtonPT/cnWSf4sAsTDRYZqygz5AhjhEaTAOKNTMOkLmows4tKCxjbzfNQFLYvZ5C96kg9bTbQAbdZJyuISid+WWjBKM7eQWD+JaEdftSPEPuQBLMaoweQdB4UDXTtqTHuzXfVwrLez0ioote4VLRZGRYiqwikV/9zlNjXH1zTD3wJS5XRtZfUAhdcLHN99blzLEuyXuLYnVp7LnTvJzolyz8v/P+DagqEzM3G8vhP0z125Gz0sAkD6qnoyxQxGKrDfbnqcAG2vtLPfJyNyVJDBAGHnFHahjL2feWO992FNkeVNfXpobnresz5iXwHErFXqiQeBKnUt2B66D/V0lmp0uNCFaGshtwwNPCrIqfdxNfvCCQOedLzkQKEpA+EVQJ34bAkRccGcS99BeyCh9IrpUbgZhkLbkFq0tVbrmD+PPvXS9N3I7LUjo0Pb9uoP2QyJldiDPUNXSRkfnhsyPsUVyLTj7jWizXEfbUBj7cDdXrDloYYz9PFjb3t+6p4VCTN7O9Ui7FTd/7kWNvvirzldyo+jY4ZcBniHFFzPkXUpRk4PFQIznKoHztN3L69x71MX4FBMVGwNrbgUqNFYu0zDk0cQkr9szBM2K4W/DXvW2mqO0cwocB9M8y2dy0manf+EPsa/rA6saI79f7mLxbnthnrRy9UanS2OmGBrgxtzT/SOsewPR3/iRcAH/lmSRJXgGqFX6dqctpHDiOMrFsKt47xL67kYfy4rw3OoyLEG95wxnG/iqlUmLfPqLOoTBid03LrrpXhKfSiISY9eq7tO6Baxg1kQ==; Domain=.cddtsecure.com; Expires=Sat, 06-May-2023 00:56:56 GMT; Path=/; Secure; SameSite=None
gdm_suid_v2_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.cddtsecure.com; Expires=Sat, 06-May-2023 00:56:56 GMT; Path=/; Secure; SameSite=None
Location: https://ujn.nowsubmission.com//?kw=43588&s1=a33da0e39e0c4624bb84c275b540dab11e1bf&s2=
Content-Language: en-US
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3061
Expires: Sun, 05 Feb 2023 01:47:58 GMT
Date: Sun, 05 Feb 2023 00:56:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11720
Expires: Sun, 05 Feb 2023 04:12:17 GMT
Date: Sun, 05 Feb 2023 00:56:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 00:43:39 GMT
content-type: application/json
age: 798
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19346
Expires: Sun, 05 Feb 2023 06:19:23 GMT
Date: Sun, 05 Feb 2023 00:56:57 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +k5nsWFBoyqd6Ms59AweGMTneiVD2HQLWWW+m5AeuJxxGc/OTYu/0gZAWBG6VUBTXz/88MEZGD0=
x-amz-request-id: 08RD74767PR75EE1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 00:24:14 GMT
age: 1963
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:56:57 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6451ae259be7c2693588737f14b5c711
9a5f76f793454e7bd3d554e9b76e075ea22f085b
2486ef0ce1e01ea358e8b567fbcd39821110a4592e1312a02a0479bb415a3805
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2486EF0CE1E01EA358E8B567FBCD39821110A4592E1312A02A0479BB415A3805"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21595
Expires: Sun, 05 Feb 2023 06:56:53 GMT
Date: Sun, 05 Feb 2023 00:56:58 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 00:49:07 GMT
age: 471
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2179
Expires: Sun, 05 Feb 2023 01:33:17 GMT
Date: Sun, 05 Feb 2023 00:56:58 GMT
Connection: keep-alive
push.services.mozilla.com/
35.82.48.240101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.82.48.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ss18xkBeU4WPFx7HMpADdg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zs6nK61WoDhvQEZM1TIpSPw+DNA=
ujn.nowsubmission.com//?kw=43588&s1=a33da0e39e0c4624bb84c275b540dab11e1bf&s2=
179.61.143.121302 Found 718 B URL HTTP/1.1 ujn.nowsubmission.com//?kw=43588&s1=a33da0e39e0c4624bb84c275b540dab11e1bf&s2=
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ac185c7716edfe58b6219831d83f5a90
148100fcbae07af6b83a1f1510dba446b1c9774b
cb3af1070ba38bc7fc99a484113582e351cea50569749b35ffdcf2170e74f4e8
GET //?kw=43588&s1=a33da0e39e0c4624bb84c275b540dab11e1bf&s2= HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
date: Sun, 05 Feb 2023 00:56:59 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
cache-control: no-cache, private
location: https://ujn.nowsubmission.com/t/2e9423a84ad4/feba0716-a4ef-11ed-abd1-2d5f27a5469f/febea2ee-a4ef-11ed-af91-397b2ca4c432
x-redir: true
set-cookie: yredir_session=eyJpdiI6InIvRHRHa1FYdEdueTN5NWU2Y3l5YUE9PSIsInZhbHVlIjoiQ2ZkSEtxYWhzQzA0UXN4cStMcTBwSXE1ODVVa3pUQ25aYmljSU4wdERwWjFhdUZKYlFJMDZwWHZ2dDBiV01adHVGYjhjTkpPeUhSNTh2V0lMQjBHbnErVEJxQVFlbFlnVVNNR29oT2VRbGk4dm5ZLzljQXJLT1pSdXZxSGdxekgiLCJtYWMiOiI5YzVmZDc4NDI4MWI3MzRlOTQxNzA4M2E1NGYwNzhmNGM4NDU2ZTAzNWI3MTNmNzFhOGQ0NjYyOTQ2MjE2YTEyIiwidGFnIjoiIn0%3D; expires=Sun, 05 Feb 2023 02:56:59 GMT; Max-Age=7200; path=/; httponly; samesite=lax
strict-transport-security: max-age=15768000
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6053
Expires: Sun, 05 Feb 2023 02:37:52 GMT
Date: Sun, 05 Feb 2023 00:56:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6053
Expires: Sun, 05 Feb 2023 02:37:52 GMT
Date: Sun, 05 Feb 2023 00:56:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6053
Expires: Sun, 05 Feb 2023 02:37:52 GMT
Date: Sun, 05 Feb 2023 00:56:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3f52758-d976-47aa-a47d-f0d6026514dc.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3f52758-d976-47aa-a47d-f0d6026514dc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f28ffcf384ce958b6302d05b6690c088
e5d4cbfc7482d35ee2ca03a7178426f3e2e97010
725d42a020d496f596074794cc2abdaca8a9b821e1a3502eee26056d0f528506
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3f52758-d976-47aa-a47d-f0d6026514dc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7665
x-amzn-requestid: 001ba86d-ebc8-4819-89f7-1604bc059cd8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGibFeqIAMFqMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8475-076d982b5fccf2b931a05976;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:10:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gnkjykHYcMthJkIb-A1P1rRw9FZieh3TmoTT3qVaceWw03TQNX8qfQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:32:24 GMT
age: 8675
etag: "e5d4cbfc7482d35ee2ca03a7178426f3e2e97010"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a38348b-ed70-4e2f-80ce-d13e44fefcfc.webp
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a38348b-ed70-4e2f-80ce-d13e44fefcfc.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7b596a8e984911df703e15c72d25d513
a1fa1355f4de6f246d35bed9f128e13fc9dc4e72
aba708124199ec6b0ce86ac14c6c18d233ff405071a7f22522217c2fcb0aa9b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a38348b-ed70-4e2f-80ce-d13e44fefcfc.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13557
x-amzn-requestid: 981a0f31-e874-4392-a81d-12d667020700
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fH8-JGEsoAMFhZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cca85a-7398031f2676734c65447e5b;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 03:07:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3dw5Oj2su-_kCvpC1jDJsyAEUPzaexgTzhAC9yAYSyXTFRVge2FR6Q==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:10:43 GMT
age: 9976
etag: "a1fa1355f4de6f246d35bed9f128e13fc9dc4e72"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9070541c-6707-464e-b141-b6c767d8a58a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9070541c-6707-464e-b141-b6c767d8a58a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 062e186a259eda97173695240a492c63
9b476a4ec219667f560b88199a3a4e4b0a93b579
d18570d3c4ada689b5c2a99b0783ce41c629bd125e6683cf225e01b7032f14a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9070541c-6707-464e-b141-b6c767d8a58a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12256
x-amzn-requestid: 1b959eb9-cf69-414c-b57b-4a63277d709c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fvgx-EhgoAMF2wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc7b3f-2c58e8ac2aee8a8f409a93a0;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 03:10:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dvxlk1iSyNfjmNRI_8HcmhG9_xe0ZlaZ0Pzj0H9EBR6wwXKg0L7YVQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 05:55:27 GMT
age: 68492
etag: "9b476a4ec219667f560b88199a3a4e4b0a93b579"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b3e7140400336984afc6093c1246f863
59e0b21cdf4cfdac3f1ea05badd007727939ac42
4d927e74922159db5d07b9947fa1021cff74bb7b55759960cb3941d05c1e8f11
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9579
x-amzn-requestid: c474008d-a6a9-409b-88e2-c55062044575
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzQtnFGhoAMF5Zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddfb23-54dd67257ba25ad24e977a9c;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 06:28:51 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0Of3BK3VqVMGQGDIODQthVmi7BC8Ney4zgGCpVuzYc1j6D8RRP-AxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 11:55:41 GMT
age: 46878
etag: "59e0b21cdf4cfdac3f1ea05badd007727939ac42"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef803fc0-c789-4c2b-8cb2-33bef88abc9c.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef803fc0-c789-4c2b-8cb2-33bef88abc9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bbb38d805862a1b3081eebf256e0dae0
4a5cb01390d897be8721cd4551c74d0452aff640
02443891d0533f37fe38b16febafc86fa64c457dc1827b97ec535d623486d549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef803fc0-c789-4c2b-8cb2-33bef88abc9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8691
x-amzn-requestid: 51bb839e-c32c-4be9-9f38-7f8044160e70
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsLgFPqIAMFfww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d22716-3794126b47a79aed27e1aac4;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:09:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9du1ien5j1WSLplBzT5AAV-xIPKNgg4-8tdjux_iEGXNGaCcj29Xog==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 03:37:50 GMT
age: 76749
etag: "4a5cb01390d897be8721cd4551c74d0452aff640"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b593b5-5093-4504-8ab7-492c62b14ca7.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b593b5-5093-4504-8ab7-492c62b14ca7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c1f3df5bbad5048923e29c0767d703d3
48c408d37a7bd7f96653174359178eed46ddf298
c8bae041c3d64334964b2aa771a07bc2709ced4c497e1795f864d9416fed728f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b593b5-5093-4504-8ab7-492c62b14ca7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5801
x-amzn-requestid: 441284a8-923a-4b22-b39f-95dec713c292
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fjj9jHu_IAMFZ-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d7b389-788174a773fcd695540cc95e;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 12:09:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DgvqiQwdytO2caPNzg2OhGcv8ly9N_YeQTzpuf6iwAVt8AQZEXRLqw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:43:52 GMT
age: 11587
etag: "48c408d37a7bd7f96653174359178eed46ddf298"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ujn.nowsubmission.com/t/2e9423a84ad4/feba0716-a4ef-11ed-abd1-2d5f27a5469f/febea2ee-a4ef-11ed-af91-397b2ca4c432
179.61.143.121200 OK 5.7 kB URL HTTP/1.1 ujn.nowsubmission.com/t/2e9423a84ad4/feba0716-a4ef-11ed-abd1-2d5f27a5469f/febea2ee-a4ef-11ed-af91-397b2ca4c432
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 573e9a40ecebb9d7822101b6a6bf1fbd
b704bbd707155c2439ae37a8773d40266ef8ebf1
5d480aa7eb7a473f8f522ce405581b19425b4dc1d5aec5ca0407ebb93f9a3510
Analyzer Verdict Alert fortinet Phishing
GET /t/2e9423a84ad4/feba0716-a4ef-11ed-abd1-2d5f27a5469f/febea2ee-a4ef-11ed-af91-397b2ca4c432 HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: yredir_session=eyJpdiI6InIvRHRHa1FYdEdueTN5NWU2Y3l5YUE9PSIsInZhbHVlIjoiQ2ZkSEtxYWhzQzA0UXN4cStMcTBwSXE1ODVVa3pUQ25aYmljSU4wdERwWjFhdUZKYlFJMDZwWHZ2dDBiV01adHVGYjhjTkpPeUhSNTh2V0lMQjBHbnErVEJxQVFlbFlnVVNNR29oT2VRbGk4dm5ZLzljQXJLT1pSdXZxSGdxekgiLCJtYWMiOiI5YzVmZDc4NDI4MWI3MzRlOTQxNzA4M2E1NGYwNzhmNGM4NDU2ZTAzNWI3MTNmNzFhOGQ0NjYyOTQ2MjE2YTEyIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
date: Sun, 05 Feb 2023 00:56:59 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
service-worker-allowed: /
cache-control: no-cache, private
x-redir: true
set-cookie: yredir_session=eyJpdiI6IjJHMWYyN0M1SDZZQTFScHM0aVBabEE9PSIsInZhbHVlIjoiSzhRWDBCUXVEWXF1R2hZMUtVbHk0TjVmZnRsNkhSdkY2SGIrQnZCSGxBS3cvQklnQndlejFCM2o5L0UvS0wzcWM3ZGVlM01PY0QvN0pOTkRXWGhjaElmcitJcm1ZakFwQ09xU3ptT2VjK25paHNsYkF4RFdwRTFYQ3l6bEtXa2oiLCJtYWMiOiJkZDFkNGU5MGQ2YzBjMTI0NWFjODFhODFhMWI5MjQyNTgxMmZiMWRkOTgyMjcyNTFjYjA0M2RkZmZmODM5OTU4IiwidGFnIjoiIn0%3D; expires=Sun, 05 Feb 2023 02:56:59 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
strict-transport-security: max-age=15768000
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
142.250.74.170200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (32077)
Hash fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec
GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 03:22:46 GMT
expires: Mon, 29 Jan 2024 03:22:46 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 596054
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/css/style.css
179.61.143.121200 OK 5.6 kB URL HTTP/1.1 ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/css/style.css
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type assembler source, ASCII text
Hash 0e0958d51ded34cd4de26a9e461a837e
99bd77585368d1d074744dd9391ca4a3fb120a18
27a276e80a16de7fe575cc4d28c1a1a8656bd4774fd5c4927da2cd9283e1f656
GET /templates/templates/gbrand-survey_MASTER_MULTI/css/style.css HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/feba0716-a4ef-11ed-abd1-2d5f27a5469f/febea2ee-a4ef-11ed-af91-397b2ca4c432
Cookie: yredir_session=eyJpdiI6IjJHMWYyN0M1SDZZQTFScHM0aVBabEE9PSIsInZhbHVlIjoiSzhRWDBCUXVEWXF1R2hZMUtVbHk0TjVmZnRsNkhSdkY2SGIrQnZCSGxBS3cvQklnQndlejFCM2o5L0UvS0wzcWM3ZGVlM01PY0QvN0pOTkRXWGhjaElmcitJcm1ZakFwQ09xU3ptT2VjK25paHNsYkF4RFdwRTFYQ3l6bEtXa2oiLCJtYWMiOiJkZDFkNGU5MGQ2YzBjMTI0NWFjODFhODFhMWI5MjQyNTgxMmZiMWRkOTgyMjcyNTFjYjA0M2RkZmZmODM5OTU4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:12 GMT
last-modified: Wed, 25 Jan 2023 21:31:58 GMT
etag: "0e0958d51ded34cd4de26a9e461a837e"
content-type: text/css
content-length: 5568
x-varnish: 4739492 3
age: 443088
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ujn.nowsubmission.com/templates/dates/returnDate.en.js
179.61.143.121200 OK 1.4 kB URL HTTP/1.1 ujn.nowsubmission.com/templates/dates/returnDate.en.js
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
Hash 7aff4dc745ab3f7939c7650d994ae3ae
22d1a5e8ef72f0c8104e9e7f6ba91c3c796f9e8a
7dfeca971a7fceb39cd2d8f1596546c4a60b1e6964aa20b8b9ab09f461bde18d
Analyzer Verdict Alert fortinet Phishing
GET /templates/dates/returnDate.en.js HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/feba0716-a4ef-11ed-abd1-2d5f27a5469f/febea2ee-a4ef-11ed-af91-397b2ca4c432
Cookie: yredir_session=eyJpdiI6IjJHMWYyN0M1SDZZQTFScHM0aVBabEE9PSIsInZhbHVlIjoiSzhRWDBCUXVEWXF1R2hZMUtVbHk0TjVmZnRsNkhSdkY2SGIrQnZCSGxBS3cvQklnQndlejFCM2o5L0UvS0wzcWM3ZGVlM01PY0QvN0pOTkRXWGhjaElmcitJcm1ZakFwQ09xU3ptT2VjK25paHNsYkF4RFdwRTFYQ3l6bEtXa2oiLCJtYWMiOiJkZDFkNGU5MGQ2YzBjMTI0NWFjODFhODFhMWI5MjQyNTgxMmZiMWRkOTgyMjcyNTFjYjA0M2RkZmZmODM5OTU4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:13 GMT
last-modified: Wed, 25 Jan 2023 21:31:41 GMT
etag: "7aff4dc745ab3f7939c7650d994ae3ae"
content-type: application/javascript
content-length: 1382
service-worker-allowed: /
x-varnish: 4739493 32771
age: 443088
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/o/2XXQ6DLP/feba0716-a4ef-11ed-abd1-2d5f27a5469f/?push=true
179.61.143.121302 Found 818 B URL HTTP/1.1 ujn.nowsubmission.com/o/2XXQ6DLP/feba0716-a4ef-11ed-abd1-2d5f27a5469f/?push=true
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (325)
Hash d722d26452a0fc646f4ef9ea3c352da1
205e240c09c8c732e58b4265f96055a2e104fb8a
02e7bea52e61f38c303ea72d95d04ad7b8872de5757293923ae69afcd3393d97
Analyzer Verdict Alert fortinet Phishing
GET /o/2XXQ6DLP/feba0716-a4ef-11ed-abd1-2d5f27a5469f/?push=true HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/feba0716-a4ef-11ed-abd1-2d5f27a5469f/febea2ee-a4ef-11ed-af91-397b2ca4c432
Cookie: yredir_session=eyJpdiI6IjJHMWYyN0M1SDZZQTFScHM0aVBabEE9PSIsInZhbHVlIjoiSzhRWDBCUXVEWXF1R2hZMUtVbHk0TjVmZnRsNkhSdkY2SGIrQnZCSGxBS3cvQklnQndlejFCM2o5L0UvS0wzcWM3ZGVlM01PY0QvN0pOTkRXWGhjaElmcitJcm1ZakFwQ09xU3ptT2VjK25paHNsYkF4RFdwRTFYQ3l6bEtXa2oiLCJtYWMiOiJkZDFkNGU5MGQ2YzBjMTI0NWFjODFhODFhMWI5MjQyNTgxMmZiMWRkOTgyMjcyNTFjYjA0M2RkZmZmODM5OTU4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
date: Sun, 05 Feb 2023 00:57:00 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
cache-control: no-cache, private
location: https://pushrev.neptuneadspush.com/tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=ff30fbfa-a4ef-11ed-8a5f-3be284578e41&&push=true
x-redir: true
set-cookie: yredir_session=eyJpdiI6ImtEVm8zQlJ1KzRaSUk4YUJKOW9UVnc9PSIsInZhbHVlIjoickt3SGtiMHM4czhHN1RoVExHcWlLY3VITnpSRjVCOXlUMlJ6SlgycFQrMG94VzI4K2VvN0Yra2QvYUtuZDJ2N1IzSXY5U1BVdGpmNDkva2Q2b1dveWJBRXBCTlNMSTczamRiTDBWVFk0QTRRQ0xnWDk5eXBLaVgzQW5mUXFwcEUiLCJtYWMiOiI3NzY0M2M1N2RiNGZiMjgyODI5NWFhMGYxY2U1NzVmYmI4OTkzYWI1ZjE0NjYwODkxYTIxZjY2NDM2ZDUzZDE3IiwidGFnIjoiIn0%3D; expires=Sun, 05 Feb 2023 02:57:00 GMT; Max-Age=7200; path=/; httponly; samesite=lax
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/media/template-images/iphone-13-blue-pink/300x200.jpg
179.61.143.121200 OK 8.3 kB URL HTTP/1.1 ujn.nowsubmission.com/media/template-images/iphone-13-blue-pink/300x200.jpg
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 200x200, components 3\012- data
Hash f6d434edf9003bf1c90b9673e4a27403
8c8ae8b80aef34450aee2d3bf9581d2643b806c2
6970807f8001bd5ccfe483120e5d95dfb9ad73aae1ee468dc3b6dabb67b71511
GET /media/template-images/iphone-13-blue-pink/300x200.jpg HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/feba0716-a4ef-11ed-abd1-2d5f27a5469f/febea2ee-a4ef-11ed-af91-397b2ca4c432
Cookie: yredir_session=eyJpdiI6IjJHMWYyN0M1SDZZQTFScHM0aVBabEE9PSIsInZhbHVlIjoiSzhRWDBCUXVEWXF1R2hZMUtVbHk0TjVmZnRsNkhSdkY2SGIrQnZCSGxBS3cvQklnQndlejFCM2o5L0UvS0wzcWM3ZGVlM01PY0QvN0pOTkRXWGhjaElmcitJcm1ZakFwQ09xU3ptT2VjK25paHNsYkF4RFdwRTFYQ3l6bEtXa2oiLCJtYWMiOiJkZDFkNGU5MGQ2YzBjMTI0NWFjODFhODFhMWI5MjQyNTgxMmZiMWRkOTgyMjcyNTFjYjA0M2RkZmZmODM5OTU4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:17 GMT
last-modified: Tue, 17 May 2022 15:08:40 GMT
etag: "f6d434edf9003bf1c90b9673e4a27403"
content-type: image/jpeg
content-length: 8337
x-varnish: 4776943 163852
age: 443084
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/female2-min.jpg
179.61.143.121200 OK 1.1 kB URL HTTP/1.1 ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/female2-min.jpg
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 0794d94f802b6df4a503a36dd30b1b49
88f41b569ba1bdb1c68b1aca65d3bec37a76657f
030ab7588cc14efd6625654c00ff326d6602091f4fae946265ad29f9fee370d9
GET /templates/templates/gbrand-survey_MASTER_MULTI/images/female2-min.jpg HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/feba0716-a4ef-11ed-abd1-2d5f27a5469f/febea2ee-a4ef-11ed-af91-397b2ca4c432
Cookie: yredir_session=eyJpdiI6IjJHMWYyN0M1SDZZQTFScHM0aVBabEE9PSIsInZhbHVlIjoiSzhRWDBCUXVEWXF1R2hZMUtVbHk0TjVmZnRsNkhSdkY2SGIrQnZCSGxBS3cvQklnQndlejFCM2o5L0UvS0wzcWM3ZGVlM01PY0QvN0pOTkRXWGhjaElmcitJcm1ZakFwQ09xU3ptT2VjK25paHNsYkF4RFdwRTFYQ3l6bEtXa2oiLCJtYWMiOiJkZDFkNGU5MGQ2YzBjMTI0NWFjODFhODFhMWI5MjQyNTgxMmZiMWRkOTgyMjcyNTFjYjA0M2RkZmZmODM5OTU4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:17 GMT
last-modified: Wed, 25 Jan 2023 21:31:58 GMT
etag: "0794d94f802b6df4a503a36dd30b1b49"
content-type: image/jpeg
content-length: 1102
x-varnish: 4960993 163854
age: 443083
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/fb-check-min.jpg
179.61.143.121200 OK 662 B URL HTTP/1.1 ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/fb-check-min.jpg
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 25x22, components 3\012- data
Hash 647f83a6bea8989234822fccfaaf1172
c5ceb9a12a3e855b384a2790ab7a6628375f54a3
897400118f15478b414250c5c4a07412d32f414c8683274996f1917ac79d882e
GET /templates/templates/gbrand-survey_MASTER_MULTI/images/fb-check-min.jpg HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/feba0716-a4ef-11ed-abd1-2d5f27a5469f/febea2ee-a4ef-11ed-af91-397b2ca4c432
Cookie: yredir_session=eyJpdiI6IjJHMWYyN0M1SDZZQTFScHM0aVBabEE9PSIsInZhbHVlIjoiSzhRWDBCUXVEWXF1R2hZMUtVbHk0TjVmZnRsNkhSdkY2SGIrQnZCSGxBS3cvQklnQndlejFCM2o5L0UvS0wzcWM3ZGVlM01PY0QvN0pOTkRXWGhjaElmcitJcm1ZakFwQ09xU3ptT2VjK25paHNsYkF4RFdwRTFYQ3l6bEtXa2oiLCJtYWMiOiJkZDFkNGU5MGQ2YzBjMTI0NWFjODFhODFhMWI5MjQyNTgxMmZiMWRkOTgyMjcyNTFjYjA0M2RkZmZmODM5OTU4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:17 GMT
last-modified: Wed, 25 Jan 2023 21:31:58 GMT
etag: "647f83a6bea8989234822fccfaaf1172"
content-type: image/jpeg
content-length: 662
x-varnish: 5017546 65551
age: 443084
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/male1-min.jpg
179.61.143.121200 OK 1.6 kB URL HTTP/1.1 ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/male1-min.jpg
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 7c87417985d39d54edfe8c84005668c5
9ef9beb0a8546e319b0e4e79543566ecf44995ab
17c1074c13199c387f264bf85324f2555d89c4221fae93a175d69973453f0cb4
GET /templates/templates/gbrand-survey_MASTER_MULTI/images/male1-min.jpg HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/feba0716-a4ef-11ed-abd1-2d5f27a5469f/febea2ee-a4ef-11ed-af91-397b2ca4c432
Cookie: yredir_session=eyJpdiI6IjJHMWYyN0M1SDZZQTFScHM0aVBabEE9PSIsInZhbHVlIjoiSzhRWDBCUXVEWXF1R2hZMUtVbHk0TjVmZnRsNkhSdkY2SGIrQnZCSGxBS3cvQklnQndlejFCM2o5L0UvS0wzcWM3ZGVlM01PY0QvN0pOTkRXWGhjaElmcitJcm1ZakFwQ09xU3ptT2VjK25paHNsYkF4RFdwRTFYQ3l6bEtXa2oiLCJtYWMiOiJkZDFkNGU5MGQ2YzBjMTI0NWFjODFhODFhMWI5MjQyNTgxMmZiMWRkOTgyMjcyNTFjYjA0M2RkZmZmODM5OTU4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:17 GMT
last-modified: Wed, 25 Jan 2023 21:31:58 GMT
etag: "7c87417985d39d54edfe8c84005668c5"
content-type: image/jpeg
content-length: 1559
x-varnish: 5054495 196610
age: 443083
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash e7ed2e105553a34a5bef8619ee00ebb6
c835a9a711f9766586630abeb7e30c177d46a4bf
65c9bf0673bbc28d4222cc3c071302fd7fc1756ce4e15f51470bd30369a83420
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:00 GMT
Etag: "63dd9674-118"
Server: ECS (amb/6B8E)
Content-Length: 278
ujn.nowsubmission.com/templates/media/prizes/macbook2.png
179.61.143.121200 OK 38 kB URL HTTP/1.1 ujn.nowsubmission.com/templates/media/prizes/macbook2.png
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 65601e39390008cb1fab24b661dbfb9f
cb1ba3693de85c53ebf0336bc7023b2348ffc6df
cfc14f5db37a2f1ef657cb9fbcd68b17e9295521b0966cf466be378c6da9cef6
GET /templates/media/prizes/macbook2.png HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/feba0716-a4ef-11ed-abd1-2d5f27a5469f/febea2ee-a4ef-11ed-af91-397b2ca4c432
Cookie: yredir_session=eyJpdiI6IjJHMWYyN0M1SDZZQTFScHM0aVBabEE9PSIsInZhbHVlIjoiSzhRWDBCUXVEWXF1R2hZMUtVbHk0TjVmZnRsNkhSdkY2SGIrQnZCSGxBS3cvQklnQndlejFCM2o5L0UvS0wzcWM3ZGVlM01PY0QvN0pOTkRXWGhjaElmcitJcm1ZakFwQ09xU3ptT2VjK25paHNsYkF4RFdwRTFYQ3l6bEtXa2oiLCJtYWMiOiJkZDFkNGU5MGQ2YzBjMTI0NWFjODFhODFhMWI5MjQyNTgxMmZiMWRkOTgyMjcyNTFjYjA0M2RkZmZmODM5OTU4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:48 GMT
last-modified: Wed, 25 Jan 2023 21:31:47 GMT
etag: "65601e39390008cb1fab24b661dbfb9f"
content-type: image/png
content-length: 37747
x-varnish: 4739496 98357
age: 443052
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/templates/media/prizes/ipadpro2.png
179.61.143.121200 OK 58 kB URL HTTP/1.1 ujn.nowsubmission.com/templates/media/prizes/ipadpro2.png
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type PNG image data, 226 x 223, 8-bit/color RGBA, non-interlaced\012- data
Hash e84a3b1f4ab81c1369c00b20e7e76f3e
a7149c064176ef35c04ca6b0396f67f4d5641f92
fa444460c52cc7ae67baaea642ad355ef489491cc3014f074162a565437af50b
GET /templates/media/prizes/ipadpro2.png HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/feba0716-a4ef-11ed-abd1-2d5f27a5469f/febea2ee-a4ef-11ed-af91-397b2ca4c432
Cookie: yredir_session=eyJpdiI6IjJHMWYyN0M1SDZZQTFScHM0aVBabEE9PSIsInZhbHVlIjoiSzhRWDBCUXVEWXF1R2hZMUtVbHk0TjVmZnRsNkhSdkY2SGIrQnZCSGxBS3cvQklnQndlejFCM2o5L0UvS0wzcWM3ZGVlM01PY0QvN0pOTkRXWGhjaElmcitJcm1ZakFwQ09xU3ptT2VjK25paHNsYkF4RFdwRTFYQ3l6bEtXa2oiLCJtYWMiOiJkZDFkNGU5MGQ2YzBjMTI0NWFjODFhODFhMWI5MjQyNTgxMmZiMWRkOTgyMjcyNTFjYjA0M2RkZmZmODM5OTU4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:49 GMT
last-modified: Wed, 25 Jan 2023 21:31:46 GMT
etag: "e84a3b1f4ab81c1369c00b20e7e76f3e"
content-type: image/png
content-length: 58468
x-varnish: 4901481 294940
age: 443052
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
pushrev.neptuneadspush.com/tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=ff30fbfa-a4ef-11ed-8a5f-3be284578e41&&push=true
172.64.129.25200 OK 780 B URL HTTP/2 pushrev.neptuneadspush.com/tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=ff30fbfa-a4ef-11ed-8a5f-3be284578e41&&push=true
IP 172.64.129.25:0
File type ASCII text, with CRLF line terminators
Hash a68901e81110c878f01d4d68a7b04fc0
d81d863bf3d002a48ecf37f38d78e0f30124a3ca
00ad602963beb7af43ac9136ff3dc3edacfa3599a3a8e7d9b1b35101bebe02ad
GET /tracker-v2-vapid.js?aff_id=1163&custom=v2&s2=ff30fbfa-a4ef-11ed-8a5f-3be284578e41&&push=true HTTP/1.1
Host: pushrev.neptuneadspush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujn.nowsubmission.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:57:00 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2678400
cf-cache-status: MISS
last-modified: Sun, 05 Feb 2023 00:57:00 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1V9jdQDRi%2FpacptljbGqptwyt6XjaDZBevj71jrxNfqDy9w%2F2%2F3eztPjF7I03FOmRJrITteu7hC%2BX1b%2FWS6vzXsWfBK6DAFawuJ%2FQLKdQzo4w%2B45cQ0TDe0a0JsKuLAxtaU5UHy7MAahc3p6OQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7947b0837fe4772b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/male2-min.jpg
179.61.143.121200 OK 1.4 kB URL HTTP/1.1 ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/male2-min.jpg
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 5170cc950871a79361acd06bc10ab09c
78176973a41a99af57b538ed95f32c6540b8eb56
20a470a2a8efcfc0f3f4a9ef9024d5e43594c7b82d0e88ad68e5c846be3b9eef
GET /templates/templates/gbrand-survey_MASTER_MULTI/images/male2-min.jpg HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/feba0716-a4ef-11ed-abd1-2d5f27a5469f/febea2ee-a4ef-11ed-af91-397b2ca4c432
Cookie: yredir_session=eyJpdiI6IjJHMWYyN0M1SDZZQTFScHM0aVBabEE9PSIsInZhbHVlIjoiSzhRWDBCUXVEWXF1R2hZMUtVbHk0TjVmZnRsNkhSdkY2SGIrQnZCSGxBS3cvQklnQndlejFCM2o5L0UvS0wzcWM3ZGVlM01PY0QvN0pOTkRXWGhjaElmcitJcm1ZakFwQ09xU3ptT2VjK25paHNsYkF4RFdwRTFYQ3l6bEtXa2oiLCJtYWMiOiJkZDFkNGU5MGQ2YzBjMTI0NWFjODFhODFhMWI5MjQyNTgxMmZiMWRkOTgyMjcyNTFjYjA0M2RkZmZmODM5OTU4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:17 GMT
last-modified: Wed, 25 Jan 2023 21:31:58 GMT
etag: "5170cc950871a79361acd06bc10ab09c"
content-type: image/jpeg
content-length: 1415
x-varnish: 4739497 229379
age: 443084
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/male3-min.jpg
179.61.143.121200 OK 1.1 kB URL HTTP/1.1 ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/male3-min.jpg
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 9c2e86ea3c24bf83b78361d150a27abb
fbf849c5bf8ee98881135e3154ed39f18d1e9559
e22cdb3b53b481625f52a6a75461e9fd7a01e92f77d9da7381067ec7b5e0c8a2
GET /templates/templates/gbrand-survey_MASTER_MULTI/images/male3-min.jpg HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/feba0716-a4ef-11ed-abd1-2d5f27a5469f/febea2ee-a4ef-11ed-af91-397b2ca4c432
Cookie: yredir_session=eyJpdiI6IjJHMWYyN0M1SDZZQTFScHM0aVBabEE9PSIsInZhbHVlIjoiSzhRWDBCUXVEWXF1R2hZMUtVbHk0TjVmZnRsNkhSdkY2SGIrQnZCSGxBS3cvQklnQndlejFCM2o5L0UvS0wzcWM3ZGVlM01PY0QvN0pOTkRXWGhjaElmcitJcm1ZakFwQ09xU3ptT2VjK25paHNsYkF4RFdwRTFYQ3l6bEtXa2oiLCJtYWMiOiJkZDFkNGU5MGQ2YzBjMTI0NWFjODFhODFhMWI5MjQyNTgxMmZiMWRkOTgyMjcyNTFjYjA0M2RkZmZmODM5OTU4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:17 GMT
last-modified: Wed, 25 Jan 2023 21:31:58 GMT
etag: "9c2e86ea3c24bf83b78361d150a27abb"
content-type: image/jpeg
content-length: 1136
x-varnish: 4901482 11
age: 443084
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/sub2-min.png
179.61.143.121200 OK 503 B URL HTTP/1.1 ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/sub2-min.png
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type PNG image data, 125 x 32, 8-bit grayscale, non-interlaced\012- data
Hash 17b195295195777b7415a91b5bfe4e40
6381d3fafffb4db3439a2e2e529e1495e3d2d043
424c21017d352a097502d212564a602f036cada202fa55247ef2b2a276f03f59
GET /templates/templates/gbrand-survey_MASTER_MULTI/images/sub2-min.png HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/feba0716-a4ef-11ed-abd1-2d5f27a5469f/febea2ee-a4ef-11ed-af91-397b2ca4c432
Cookie: yredir_session=eyJpdiI6IjJHMWYyN0M1SDZZQTFScHM0aVBabEE9PSIsInZhbHVlIjoiSzhRWDBCUXVEWXF1R2hZMUtVbHk0TjVmZnRsNkhSdkY2SGIrQnZCSGxBS3cvQklnQndlejFCM2o5L0UvS0wzcWM3ZGVlM01PY0QvN0pOTkRXWGhjaElmcitJcm1ZakFwQ09xU3ptT2VjK25paHNsYkF4RFdwRTFYQ3l6bEtXa2oiLCJtYWMiOiJkZDFkNGU5MGQ2YzBjMTI0NWFjODFhODFhMWI5MjQyNTgxMmZiMWRkOTgyMjcyNTFjYjA0M2RkZmZmODM5OTU4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:16 GMT
last-modified: Wed, 25 Jan 2023 21:31:58 GMT
etag: "17b195295195777b7415a91b5bfe4e40"
content-type: image/png
content-length: 503
x-varnish: 4776944 65546
age: 443085
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/female3-min.jpg
179.61.143.121200 OK 1.6 kB URL HTTP/1.1 ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/female3-min.jpg
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 0abe78ea1873bc889025a46db4e6899d
d450f884aa79f7044155bad242c921da865a9ea7
d3167dff1bc974c9638243617a4aa43ae0889b44eb3d0d0039db034ed2aec8ff
GET /templates/templates/gbrand-survey_MASTER_MULTI/images/female3-min.jpg HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/feba0716-a4ef-11ed-abd1-2d5f27a5469f/febea2ee-a4ef-11ed-af91-397b2ca4c432
Cookie: yredir_session=eyJpdiI6IjJHMWYyN0M1SDZZQTFScHM0aVBabEE9PSIsInZhbHVlIjoiSzhRWDBCUXVEWXF1R2hZMUtVbHk0TjVmZnRsNkhSdkY2SGIrQnZCSGxBS3cvQklnQndlejFCM2o5L0UvS0wzcWM3ZGVlM01PY0QvN0pOTkRXWGhjaElmcitJcm1ZakFwQ09xU3ptT2VjK25paHNsYkF4RFdwRTFYQ3l6bEtXa2oiLCJtYWMiOiJkZDFkNGU5MGQ2YzBjMTI0NWFjODFhODFhMWI5MjQyNTgxMmZiMWRkOTgyMjcyNTFjYjA0M2RkZmZmODM5OTU4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:17 GMT
last-modified: Wed, 25 Jan 2023 21:31:58 GMT
etag: "0abe78ea1873bc889025a46db4e6899d"
content-type: image/jpeg
content-length: 1570
x-varnish: 4960997 65555
age: 443084
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/female6-min.jpg
179.61.143.121200 OK 1.4 kB URL HTTP/1.1 ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/female6-min.jpg
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 87df438b53e4bf2c6dbaeaf9a3f3fe23
db7a57b1e5dbfd1c9e82794d04fdc9c165808586
6e30d9a2d54a07c9400a814532e2c1d638467c58f24e0ec7f631f629022be87d
GET /templates/templates/gbrand-survey_MASTER_MULTI/images/female6-min.jpg HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/feba0716-a4ef-11ed-abd1-2d5f27a5469f/febea2ee-a4ef-11ed-af91-397b2ca4c432
Cookie: yredir_session=eyJpdiI6IjJHMWYyN0M1SDZZQTFScHM0aVBabEE9PSIsInZhbHVlIjoiSzhRWDBCUXVEWXF1R2hZMUtVbHk0TjVmZnRsNkhSdkY2SGIrQnZCSGxBS3cvQklnQndlejFCM2o5L0UvS0wzcWM3ZGVlM01PY0QvN0pOTkRXWGhjaElmcitJcm1ZakFwQ09xU3ptT2VjK25paHNsYkF4RFdwRTFYQ3l6bEtXa2oiLCJtYWMiOiJkZDFkNGU5MGQ2YzBjMTI0NWFjODFhODFhMWI5MjQyNTgxMmZiMWRkOTgyMjcyNTFjYjA0M2RkZmZmODM5OTU4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:18 GMT
last-modified: Wed, 25 Jan 2023 21:31:58 GMT
etag: "87df438b53e4bf2c6dbaeaf9a3f3fe23"
content-type: image/jpeg
content-length: 1401
x-varnish: 4840441 65557
age: 443083
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/loading.gif
179.61.143.121200 OK 2.9 kB URL HTTP/1.1 ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/loading.gif
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type GIF image data, version 89a, 25 x 25\012- data
Hash 57853c90b8506907affe703e96d0184c
da22e6ad39a588f38c058091404a245cd4aeb821
61a5b75bd3a5d8370fd543e656a9223bf98035cb0e9931849b2a78c94b7134db
GET /templates/templates/gbrand-survey_MASTER_MULTI/images/loading.gif HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/feba0716-a4ef-11ed-abd1-2d5f27a5469f/febea2ee-a4ef-11ed-af91-397b2ca4c432
Cookie: yredir_session=eyJpdiI6IjJHMWYyN0M1SDZZQTFScHM0aVBabEE9PSIsInZhbHVlIjoiSzhRWDBCUXVEWXF1R2hZMUtVbHk0TjVmZnRsNkhSdkY2SGIrQnZCSGxBS3cvQklnQndlejFCM2o5L0UvS0wzcWM3ZGVlM01PY0QvN0pOTkRXWGhjaElmcitJcm1ZakFwQ09xU3ptT2VjK25paHNsYkF4RFdwRTFYQ3l6bEtXa2oiLCJtYWMiOiJkZDFkNGU5MGQ2YzBjMTI0NWFjODFhODFhMWI5MjQyNTgxMmZiMWRkOTgyMjcyNTFjYjA0M2RkZmZmODM5OTU4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:17 GMT
last-modified: Wed, 25 Jan 2023 21:31:58 GMT
etag: "57853c90b8506907affe703e96d0184c"
content-type: image/gif
content-length: 2873
x-varnish: 4853612 65549
age: 443084
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/female4-min.jpg
179.61.143.121200 OK 1.2 kB URL HTTP/1.1 ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/female4-min.jpg
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 9c0405fd9e4d3b488c3d9ccf0f7094fc
741c5b681855426bfbdec095ebcab5c89537eec0
f2ccdeb441553c02c3e536e7cc0d266ff8db7db4217d7117a860bfa259f21bb2
GET /templates/templates/gbrand-survey_MASTER_MULTI/images/female4-min.jpg HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/feba0716-a4ef-11ed-abd1-2d5f27a5469f/febea2ee-a4ef-11ed-af91-397b2ca4c432
Cookie: yredir_session=eyJpdiI6IjJHMWYyN0M1SDZZQTFScHM0aVBabEE9PSIsInZhbHVlIjoiSzhRWDBCUXVEWXF1R2hZMUtVbHk0TjVmZnRsNkhSdkY2SGIrQnZCSGxBS3cvQklnQndlejFCM2o5L0UvS0wzcWM3ZGVlM01PY0QvN0pOTkRXWGhjaElmcitJcm1ZakFwQ09xU3ptT2VjK25paHNsYkF4RFdwRTFYQ3l6bEtXa2oiLCJtYWMiOiJkZDFkNGU5MGQ2YzBjMTI0NWFjODFhODFhMWI5MjQyNTgxMmZiMWRkOTgyMjcyNTFjYjA0M2RkZmZmODM5OTU4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:17 GMT
last-modified: Wed, 25 Jan 2023 21:31:58 GMT
etag: "9c0405fd9e4d3b488c3d9ccf0f7094fc"
content-type: image/jpeg
content-length: 1204
x-varnish: 4853613 131086
age: 443084
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/female5-min.jpg
179.61.143.121200 OK 1.4 kB URL HTTP/1.1 ujn.nowsubmission.com/templates/templates/gbrand-survey_MASTER_MULTI/images/female5-min.jpg
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash ef0096a20db337c11b5e8f38b5d6bb74
60d814ad51c07471282c900a2d06766c790f1988
96da34eac319184af9e5f588fb0452ec1167c675102d8a7069afa3e76eea1d9b
GET /templates/templates/gbrand-survey_MASTER_MULTI/images/female5-min.jpg HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/feba0716-a4ef-11ed-abd1-2d5f27a5469f/febea2ee-a4ef-11ed-af91-397b2ca4c432
Cookie: yredir_session=eyJpdiI6IjJHMWYyN0M1SDZZQTFScHM0aVBabEE9PSIsInZhbHVlIjoiSzhRWDBCUXVEWXF1R2hZMUtVbHk0TjVmZnRsNkhSdkY2SGIrQnZCSGxBS3cvQklnQndlejFCM2o5L0UvS0wzcWM3ZGVlM01PY0QvN0pOTkRXWGhjaElmcitJcm1ZakFwQ09xU3ptT2VjK25paHNsYkF4RFdwRTFYQ3l6bEtXa2oiLCJtYWMiOiJkZDFkNGU5MGQ2YzBjMTI0NWFjODFhODFhMWI5MjQyNTgxMmZiMWRkOTgyMjcyNTFjYjA0M2RkZmZmODM5OTU4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:18 GMT
last-modified: Wed, 25 Jan 2023 21:31:58 GMT
etag: "ef0096a20db337c11b5e8f38b5d6bb74"
content-type: image/jpeg
content-length: 1377
x-varnish: 4840442 229382
age: 443083
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/_common/js/service-workers/neptuneads/service-worker.js
179.61.143.121200 OK 90 B URL HTTP/1.1 ujn.nowsubmission.com/_common/js/service-workers/neptuneads/service-worker.js
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type ASCII text, with no line terminators
Hash 1060884cf64d39c3fb28309d83ead97c
6c370dffa201da316e7dc11ff7ac7fec556a1273
d299b7fe0f0da619c1a2c016f631cf004b8a7f92fdb0104dfb6fc0ab03105123
Analyzer Verdict Alert fortinet Phishing
GET /_common/js/service-workers/neptuneads/service-worker.js HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: yredir_session=eyJpdiI6ImtEVm8zQlJ1KzRaSUk4YUJKOW9UVnc9PSIsInZhbHVlIjoickt3SGtiMHM4czhHN1RoVExHcWlLY3VITnpSRjVCOXlUMlJ6SlgycFQrMG94VzI4K2VvN0Yra2QvYUtuZDJ2N1IzSXY5U1BVdGpmNDkva2Q2b1dveWJBRXBCTlNMSTczamRiTDBWVFk0QTRRQ0xnWDk5eXBLaVgzQW5mUXFwcEUiLCJtYWMiOiI3NzY0M2M1N2RiNGZiMjgyODI5NWFhMGYxY2U1NzVmYmI4OTkzYWI1ZjE0NjYwODkxYTIxZjY2NDM2ZDUzZDE3IiwidGFnIjoiIn0%3D; _NeptuneAdsPushSubscriberID=15d7f0f2-9bb3-bd1b-4972-1bcc1471fc59
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 21:52:13 GMT
last-modified: Fri, 20 May 2022 14:50:35 GMT
etag: "1060884cf64d39c3fb28309d83ead97c"
content-type: application/javascript
content-length: 90
service-worker-allowed: /
x-varnish: 4776945 8
age: 443088
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
strict-transport-security: max-age=15768000
ujn.nowsubmission.com/favicon.ico
179.61.143.121403 Forbidden 243 B URL HTTP/1.1 ujn.nowsubmission.com/favicon.ico
IP 179.61.143.121:0
ASN #61317 Ipxo Uk Limited
File type XML 1.0 document text\012- XML document, ASCII text
Hash f32f16b6b8675138da65d215cde75d7f
4d4b92e9af571e5781f6683cdee06e95fbc80fba
ef05fab47ab573c0c0736f0dfc33352ac33ef6eada75b7f4bbd9e3119a0cc029
GET /favicon.ico HTTP/1.1
Host: ujn.nowsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/t/2e9423a84ad4/feba0716-a4ef-11ed-abd1-2d5f27a5469f/febea2ee-a4ef-11ed-af91-397b2ca4c432
Cookie: yredir_session=eyJpdiI6ImtEVm8zQlJ1KzRaSUk4YUJKOW9UVnc9PSIsInZhbHVlIjoickt3SGtiMHM4czhHN1RoVExHcWlLY3VITnpSRjVCOXlUMlJ6SlgycFQrMG94VzI4K2VvN0Yra2QvYUtuZDJ2N1IzSXY5U1BVdGpmNDkva2Q2b1dveWJBRXBCTlNMSTczamRiTDBWVFk0QTRRQ0xnWDk5eXBLaVgzQW5mUXFwcEUiLCJtYWMiOiI3NzY0M2M1N2RiNGZiMjgyODI5NWFhMGYxY2U1NzVmYmI4OTkzYWI1ZjE0NjYwODkxYTIxZjY2NDM2ZDUzZDE3IiwidGFnIjoiIn0%3D; _NeptuneAdsPushSubscriberID=15d7f0f2-9bb3-bd1b-4972-1bcc1471fc59
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 403 Forbidden
content-type: application/xml
date: Mon, 30 Jan 2023 21:52:12 GMT
x-varnish: 4840443 163845
age: 443087
via: 1.1 varnish (Varnish/7.0)
content-length: 243
strict-transport-security: max-age=15768000
pushrev.neptuneadspush.com/javascripts/trackpush-v2-vapid.js?v=1&custom=true
172.64.129.25200 OK 0 B URL HTTP/2 pushrev.neptuneadspush.com/javascripts/trackpush-v2-vapid.js?v=1&custom=true
IP 172.64.129.25:0
GET /javascripts/trackpush-v2-vapid.js?v=1&custom=true HTTP/1.1
Host: pushrev.neptuneadspush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujn.nowsubmission.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:57:00 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2678400
cf-cache-status: HIT
age: 790
last-modified: Sun, 05 Feb 2023 00:43:50 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FznJc4a2ZeqlfQbv2%2FavctGdlpdJj6ffdKLywBJ%2BO0%2BwSseCVe%2BNLpbETmwkIJ0FThdVlSKPd7BE0UqEIq8C7MJjuSyCVsEzI6RvmJ9rJiDESMXVt6TXmOfCZa16%2Bj6Dd3whJMqLlSohQL2sng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7947b085195e772b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2